Dr. Stephen Henson
a23a6e85d8
Update ticket callback docs.
2014-07-03 14:50:08 +01:00
Rich Salz
538860a3ce
RT 1638; EVP_*Final() should mention they no longer cleanup the ctx.
2014-07-02 23:38:34 -04:00
Rich Salz
fc1d88f02f
Close a whole bunch of documentation-related tickets:
...
298 424 656 882 939 1630 1807 2263 2294 2311 2424 2623
2637 2686 2697 2921 2922 2940 3055 3112 3156 3177 3277
2014-07-02 22:42:40 -04:00
Matt Smart
5cc99c6cf5
Fix doc typo.
...
ERR_get_error(3) references the non-existent
ERR_get_last_error_line_data instead of the one that does exist,
ERR_peek_last_error_line_data.
PR#3283
2014-07-02 03:43:42 +01:00
Rich Salz
762a44de59
RT 3245; it's "bitwise or" not "logical or"
2014-07-01 13:00:18 -04:00
Rich Salz
854dfcd859
Fix RT 3211; "and are" -->"are"
2014-07-01 12:55:32 -04:00
Rich Salz
7b1d946051
Fix RT 2567; typo in pkeyutl page.
2014-07-01 12:49:20 -04:00
Rich Salz
42b91f28a6
Fix RT 2430; typo's in ca.pod
2014-07-01 12:47:52 -04:00
Rich Salz
d7003c4d7d
Fix RT 3193
2014-07-01 12:44:32 -04:00
Jeffrey Walton
6e6ba36d98
Clarified that the signature's buffer size, s
, is not used as an
...
IN parameter.
Under the old docs, the only thing stated was "at most
EVP_PKEY_size(pkey) bytes will be written". It was kind of misleading
since it appears EVP_PKEY_size(pkey) WILL be written regardless of the
signature's buffer size.
2014-06-29 23:34:21 +01:00
Ken Ballou
76ed5a42ea
Typo.
...
PR#3173
2014-06-29 13:38:55 +01:00
Dr. Stephen Henson
528b1f9a9f
Clarify protocols supported.
...
Update protocols supported and note that SSLv2 is effectively disabled
by default.
PR#3184
2014-06-29 00:07:08 +01:00
Rich Salz
a0490e02c7
RT 487. Mention that generated primes are "at least" B<bits> long.
2014-06-27 15:59:08 -04:00
Jeffrey Walton
0535c2d67c
Clarify docs.
...
Document that the certificate passed to SSL_CTX_add_extra_chain_cert()
should not be freed by the application.
PR#3409
2014-06-27 16:39:11 +01:00
Viktor Dukhovni
8abffa4a73
Multiple verifier reference identities.
...
Implemented as STACK_OF(OPENSSL_STRING).
2014-06-22 20:32:35 -04:00
Viktor Dukhovni
d241b80409
More complete X509_check_host documentation.
2014-06-22 19:50:02 -04:00
Matt Caswell
115e480924
Fix minor typos
2014-06-19 23:45:21 +01:00
Hubert Kario
e42d84be33
add references to verify(1) man page for args_verify() options
...
cms, ocsp, s_client, s_server and smime tools also use args_verify()
for parsing options, that makes them most of the same options
verify tool does. Add those options to man pages and reference
their explanation in the verify man page.
2014-06-19 23:09:21 +01:00
Hubert Kario
2866441a90
sort the options in verify man page alphabetically
...
just making sure the options are listed in the alphabetical order
both in SYNOPSIS and DESCRIPTION, no text changes
2014-06-19 23:09:21 +01:00
Hubert Kario
cd028c8e66
add description of missing options to verify man page
...
The options related to policy used for verification, verification
of subject names in certificate and certificate chain handling
were missing in the verify(1) man page. This fixes this issue.
2014-06-19 23:09:21 +01:00
Hubert Kario
ce21d108bd
smime man page: add missing options in SYNOPSIS
...
-CAfile and -CApath is documented in OPTIONS but is missing
in SYNOPSIS, add them there
2014-06-19 23:09:21 +01:00
Hubert Kario
6d3d579367
Document -trusted_first option in man pages and help.
...
Add -trusted_first description to help messages and man pages
of tools that deal with certificate verification.
2014-06-19 23:09:21 +01:00
rfkrocktk
96fc4b7250
Added documentation for -iter for PKCS#8
2014-06-17 23:10:14 +01:00
Viktor Dukhovni
a09e4d24ad
Client-side namecheck wildcards.
...
A client reference identity of ".example.com" matches a server
certificate presented identity that is any sub-domain of "example.com"
(e.g. "www.sub.example.com).
With the X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS flag, it matches
only direct child sub-domains (e.g. "www.sub.example.com").
2014-06-12 23:19:25 +01:00
Hubert Kario
343e5cf194
add ECC strings to ciphers(1), point out difference between DH and ECDH
...
* Make a clear distinction between DH and ECDH key exchange.
* Group all key exchange cipher suite identifiers, first DH then ECDH
* add descriptions for all supported *DH* identifiers
* add ECDSA authentication descriptions
* add example showing how to disable all suites that offer no
authentication or encryption
2014-06-10 20:53:07 +01:00
Matt Caswell
fa6bb85ae0
Fixed minor duplication in docs
2014-06-07 12:30:18 +01:00
Dr. Stephen Henson
01f2f18f3c
Option to disable padding extension.
...
Add TLS padding extension to SSL_OP_ALL so it is used with other
"bugs" options and can be turned off.
This replaces SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG which is an ancient
option referring to SSLv2 and SSLREF.
PR#3336
2014-06-01 18:15:21 +01:00
Hubert Kario
9ed03faac4
add description of -attime to man page
...
the verify app man page didn't describe the usage of attime option
even though it was listed as a valid option in the -help message.
This patch fixes this omission.
2014-05-30 23:26:35 +01:00
Hubert Kario
08bef7be1e
add description of -no_ecdhe option to s_server man page
...
While the -help message references this option, the man page
doesn't mention the -no_ecdhe option.
This patch fixes this omission.
2014-05-30 22:59:43 +01:00
Matt Caswell
3d9243f1b6
Changed -strictpem to use PEM_read_bio
2014-05-26 23:31:37 +01:00
Matt Caswell
6b5c1d940b
Added -strictpem parameter to enable processing of PEM files with data prior to the BEGIN marker
2014-05-26 17:24:11 +01:00
Matt Caswell
15658d0cbf
Fixed error in args for SSL_set_msg_callback and SSL_set_msg_callback_arg
2014-05-25 23:45:12 +01:00
Martin Kaiser
189ae368d9
Add an NSS output format to sess_id to export to export the session id and the master key in NSS keylog format. PR#3352
2014-05-24 00:02:24 +01:00
Matt Caswell
085ccc542a
Fixed minor copy&paste error, and stray space causing rendering problem
2014-05-22 00:07:35 +01:00
Matt Caswell
df24f29ae6
Fixed unterminated B tag, causing build to fail with newer pod2man versions
2014-05-22 00:00:23 +01:00
Viktor Dukhovni
397a8e747d
Fixes to host checking.
...
Fixes to host checking wild card support and add support for
setting host checking flags when verifying a certificate
chain.
2014-05-21 11:31:28 +01:00
Dr. Stephen Henson
6f719f063c
Change default cipher in smime app to des3.
...
PR#3357
2014-05-21 11:28:57 +01:00
Matt Caswell
d4b47504de
Moved note about lack of support for AEAD modes out of BUGS section to SUPPORTED CIPHERS section (bug has been fixed, but still no support for AEAD)
2014-05-15 21:13:38 +01:00
Jeffrey Walton
2af071c0bc
Fix grammar error in verify pod. PR#3355
2014-05-14 22:49:30 +01:00
Jeffrey Walton
18c4f522f4
Add information to BUGS section of enc documentation. PR#3354
2014-05-14 22:48:26 +01:00
Michal Bozon
ab6577a46e
Corrected POD syntax errors. PR#3353
2014-05-14 21:07:51 +01:00
Jean-Paul Calderone
a4a442cccf
Correct the return type on the signature for X509_STORE_CTX_get_ex_data given in the pod file.
2014-05-12 22:41:13 +01:00
Dr. Stephen Henson
89e674744d
Correct example.
2014-05-12 18:41:52 +01:00
Matt Caswell
c4afc40a9b
Fixed CRLF in file
2014-05-10 01:19:50 +01:00
Jeff Trawick
e5676b8328
typo in SSL_get_peer_cert_chain docs
...
RT: 3304
2014-05-01 13:40:01 +02:00
Matt Caswell
ba1cb9a553
Fix SSL_CONF_cmd missing =back
2014-04-27 18:57:34 +01:00
Matt Caswell
b5450d6349
Fixed minor errors in docs
2014-04-26 21:56:36 +01:00
Matt Caswell
6bcc4475fc
PKCS5_PBKDF2_HMAC documentation submitted by Jeffrey Walton
2014-04-26 21:44:26 +01:00
Chris Rorvick
fa9d77dcd2
doc: Add missing =back directive.
...
Signed-off-by: Chris Rorvick <chris@rorvick.com>
2014-04-26 12:32:53 -05:00
mancha
8acb953880
Fix version documentation.
...
Specify -f is for compilation flags. Add -d to synopsis section.
Closes #77 .
2014-04-26 08:09:53 +01:00